IsURL is accepting "http//" as legitimate URL prefix

asaskevich / govalidator

[Go] Package of validators and sanitizers for strings, numerics, slices and structs

MIT License

5.97k stars 554 forks source link

IsURL is accepting "http//" as legitimate URL prefix #494

Open mpkondrashin opened 8 months ago

mpkondrashin commented 8 months ago

Bug Report

Summary

IsURL is accepting "http//" as legitimate URL prefix

github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2

Current behavior

govalidator.IsURL("http//abc.com") returns true.

How to reproduce

package main

import (
    "fmt"
    "github.com/asaskevich/govalidator"
)

func Main() {
    fmt.Println(govalidator.IsURL("http//abc.com"))
}

Expected behavior

IsURL is expected to return false for "http//abc.com"

StrawHatHacker commented 7 months ago

Just came across this error in my code. For now, I just check if it starts with http:// or https://, but it would be good if this issue is addressed soon since this package is used in a lot of production environments. Judging from the commit history, I don't have a lot of faith.

elkcityhazard commented 6 months ago

I submitted a pull request for this